CVE-2011-10032

UNKNOWN 0.0

Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Sunway ForceControl version 6.1 SP3 and earlier contains a stack-based buffer overflow vulnerability in the SNMP NetDBServer service, which listens on TCP port 2001. The flaw is triggered when the service receives a specially crafted packet using opcode 0x57 with an overly long payload. Due to improper bounds checking during packet parsing, attacker-controlled data overwrites the Structured Exception Handler (SEH), allowing arbitrary code execution in the context of the service. This vulnerability can be exploited remotely without authentication and may lead to full system compromise on affected Windows hosts.

CWE	CWE-121
Vendor	sunway
Product	forcecontrol
Published	Aug 30, 2025
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for sunway forcecontrol

Be the first to know when new unknown vulnerabilities affecting sunway forcecontrol are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Sunway / ForceControl

* ≤ 6.1 SP3

References

NVD ↗ CVE.org ↗ EPSS Data ↗

raw.githubusercontent.com: https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/scada/sunway_force_control_netdbsrv.rb exploit-db.com: https://www.exploit-db.com/exploits/18448 fortiguard.com: https://www.fortiguard.com/encyclopedia/ips/29449 aluigi.altervista.org: http://aluigi.altervista.org/adv/forcecontrol_1-adv.txt sunwayland.com: http://www.sunwayland.com/ web.archive.org: https://web.archive.org/web/20110611043512/http://www.sunwayland.com.cn/pro.asp vulncheck.com: https://www.vulncheck.com/advisories/sunway-forcecontrol-snmp-netdbserver-opcode

Credits

Luigi Auriemma